summaryrefslogtreecommitdiffstats
path: root/contrib/dracut
Commit message (Collapse)AuthorAgeFilesLines
* Skip loading already loaded keyWitaut Bajaryn2019-11-082-5/+12
| | | | | | | | | | | | | | | Don't ask for the password / try to load the key if the key for the encryptionroot is already loaded. The user might have loaded the key manually or by other means before the scripts get called. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Tom Caputi <[email protected]> Reviewed-by: Richard Laager <[email protected]> Signed-off-by: Witaut Bajaryn <[email protected]> Closes #9495 Closes #9529
* dracut/zfs-load-key.sh: properly remove prefixesalaviss2019-10-301-1/+1
| | | | | | | | | | | Removes the 'ZFS=' prefix from $BOOTFS instead of $root. This makes sure that the 'zfs:' prefix remains stripped so that users with 'root=zfs:dataset' cmdline can have key loaded on boot again. Reviewed-by: Garrett Fields <[email protected]> Reviewed-by: Dacian Reece-Stremtan <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Hiếu Lê <[email protected]> Closes #9520
* Fix for zfs-dracut regressiondacianstremtan2019-10-011-6/+7
| | | | | | | | | | | | Line 31 and 32 overwrote the ${root} variable which broke mount-zfs.sh We have create a new variable for the dataset instead of overwriting the ${root} variable in zfs-load-key.sh${root} variable in zfs-load-key.sh Reviewed-by: Kash Pande <[email protected]> Reviewed-by: Garrett Fields <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Dacian Reece-Stremtan <[email protected]> Closes #8913 Closes #9379
* Restore :: in Makefile.amRyan Moeller2019-08-262-0/+3
| | | | | | | | | | | | The double-colon looked like a typo, but it's actually an obscure feature. Rules with :: may appear multiple times and are run independently of one another in the order they appear. The use of :: for distclean-local was conventional, not accidental. Add comments to indicate the intentional use of double-colon rules. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ryan Moeller <[email protected]> Closes #9210
* Replace whereis with type in zfs-lib.shdacianstremtan2019-06-201-1/+1
| | | | | | | | | | | The whereis command should not be used since it may not exist in the initramfs. The dracut plymouth module also uses the type command instead of whereis. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Garrett Fields <[email protected]> Signed-off-by: Dacian Reece-Stremtan <[email protected]> Closes #8920 Closes #8938
* Move dracut specifics to dracut moduleMichael Niewöhner2019-04-024-3/+25
| | | | | | | | | | | | Dracut depends on the environment variable BOOTFS to be set after pool import. This dracut specific systemd ExecStartPost command should not be called for any non-dracut systems, so let's move it to a static systemd unit that. Reviewed-by: Manuel Amador (Rudd-O) <[email protected]> Reviewed-by: Matthew Thode <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Michael Niewöhner <[email protected]> Closes #8510
* Removed suggestion to use root dataset as bootfsGregor Kopka2019-01-081-6/+0
| | | | | | | | | | | | | | | | | The dracut howto proposed to boot from the root dataset of a pool. Apart from this giving problems when booting (as the code seems to expect a child dataset and creates an illegal dataset name when using the root dataset) the technical limitations of the root dataset (among others the inability to rename or destroy through the `zfs` command) resulted in the general consensus to only use it as a container for the datasets in the pool - not as a filesystem itself. Removed the idea to boot from the root dataset. Reviewed-by: George Melikov <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: bunder2015 <[email protected]> Signed-off-by: Gregor Kopka <[email protected]> Closes #8247
* Add `cut` binary to the initramfsBen Cordero2018-12-132-2/+3
| | | | | | | | | | | | | | Since the `cut -b` command is used by `parse-zfs.sh`, ensure that it is copied to the initramfs. Fix spl_hostid when set by cmdline. This follows a similar logic from the `zgenhostid` script, using `echo` instead of `printf`. Reviewed-by: Olaf Faaland <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ben Cordero <[email protected]> Closes #8197
* Allow spaces in pool names for cmdline argumentkpande2018-11-111-0/+3
| | | | | | | | | | | | | | | | | | | | | PR #8114 quoted the ${ENCRYPTIONROOT} parameter to ensure we don't lose spaces when unlocking root filesystem in the off chance that it has a space in its name. Unfortunately, dracut and initramfs-tools do not actually get the quotes from the cmdline. If we use root=ZFS="root pool/filesystem name" the script still only sees root=ZFS=root and no quotation marks. Because + is a reserved character in ZFS, it's used as a placeholder for spaces in the kernel cmdline. In this way, root=ZFS=root+pool/filesystem+name will properly expand by replacing the character with sed (POSIX compliant method). Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: bunder2015 <[email protected]> Signed-off-by: Kash Pande <[email protected]> Issue #8114 Closes #8117
* Add quotations for ${ENCRYPTIONROOT}kpande2018-11-091-1/+1
| | | | | | | | | | | | Add quotations for ${ENCRYPTIONROOT} to avoid breaking systems with a space in the name. Reviewed-by: bunder2015 <[email protected]> Reviewed-by: Tom Caputi <[email protected]> Reviewed-by: George Melikov <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Kash Pande <[email protected]> Related-to: #8093 Closes #8114
* Use zfs-import.target in contrib/dracutAntonio Russo2018-07-312-5/+10
| | | | | | | | | The new zfs-import.target should be used in place of the zfs-import-*.service units. Reviewed by: Brian Behlendorf <[email protected]> Reviewed-by: Manuel Amador (Rudd-O) <[email protected]> Signed-off-by: Antonio Russo <[email protected]> Closes #6964
* Fix initramfs missing systemd binariesGeorge Diamantopoulos2018-07-271-0/+2
| | | | | | | | | | | | | Systemd binaries necessary for mounting an encrypted root dataset weren't copied to initramfs generated by dracut. This patch fixes this and copies these binaries unconditionally, that is regardless of whether native ZFS encryption is used for the root dataset. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: George Diamantopoulos <[email protected]> Closes #7607 Closes #7719
* Install basename utility into dracut initramfsSteffen Müthing2018-05-291-0/+1
| | | | | | | | | | | | | vdev_id requires the program `basename` when handling short aliases defined in `vdev_id.conf` (those defined without a leading path), but `basename` is not always available in the dracut environment. This causes the pool device names to change when using `by-vdev/` devices or (in extreme cases) can make the pool import fail in dracut. This commit fixes the problem by explicitly installing `basename`. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Steffen Müthing <[email protected]> Closes #7562
* modprobe zfs during dracut mountkpande2018-03-221-0/+1
| | | | | | | | | | | Resolves importing root pool during boot in dracut. This case was inadvertently broken with the module autoloading change in #7287. Reviewed-by: Matthew Thode <[email protected]> Reviewed-by: George Melikov <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Giuseppe Di Natale <[email protected]> Signed-off-by: Kash Pande <[email protected]> Closes #7322
* Shellcheck cleanup for initrd scriptsKash Pande2018-02-236-101/+98
| | | | | | | | | Reviewed-by: Brian Behlendorf <[email protected]> Co-authored-by: Kash Pande <[email protected]> Co-authored-by: Matthew Thode <[email protected]> Signed-off-by: Kash Pande <[email protected]> Signed-off-by: Matthew Thode <[email protected]> Closes #7214
* Enable booting from nested encrypted datasetsKash Pande2018-02-233-33/+82
| | | | | | | | | | | | - enable booting from nested encrypted datasets - fix plymouth boot splash passphrase entry - optimize unlock process Co-authored-by: Kash Pande <[email protected]> Co-authored-by: Matthew Thode <[email protected]> Signed-off-by: Kash Pande <[email protected]> Signed-off-by: Matthew Thode <[email protected]> Closes #7214
* OpenZFS 7431 - ZFS Channel ProgramsChris Williamson2018-02-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Authored by: Chris Williamson <[email protected]> Reviewed by: Matthew Ahrens <[email protected]> Reviewed by: George Wilson <[email protected]> Reviewed by: John Kennedy <[email protected]> Reviewed by: Dan Kimmel <[email protected]> Approved by: Garrett D'Amore <[email protected]> Ported-by: Don Brady <[email protected]> Ported-by: John Kennedy <[email protected]> OpenZFS-issue: https://www.illumos.org/issues/7431 OpenZFS-commit: https://github.com/openzfs/openzfs/commit/dfc11533 Porting Notes: * The CLI long option arguments for '-t' and '-m' don't parse on linux * Switched from kmem_alloc to vmem_alloc in zcp_lua_alloc * Lua implementation is built as its own module (zlua.ko) * Lua headers consumed directly by zfs code moved to 'include/sys/lua/' * There is no native setjmp/longjump available in stock Linux kernel. Brought over implementations from illumos and FreeBSD * The get_temporary_prop() was adapted due to VFS platform differences * Use of inline functions in lua parser to reduce stack usage per C call * Skip some ZFS Test Suite ZCP tests on sparc64 to avoid stack overflow
* Only run pre-mount hook zfs-load-key on systemdMatthew Thode2018-02-071-0/+3
| | | | | | | | Reviewed-by: Kash Pande <[email protected]> Reviewed-by: bunder2015 <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Matthew Thode <[email protected]> Closes #7136 Closes #7140
* Add zfs-load-key.sh to .gitignoreBrian Behlendorf2018-02-062-53/+2
| | | | | | | | | | | The generated zfs-load-key.sh file should have been added to the .gitignore file as part of commit 7da8f8d8. And the generated file should not be included in the repo. Reviewed-by: Matthew Thode <[email protected]> Reviewed-by: Giuseppe Di Natale <[email protected]> Reviewed by: George Melikov <[email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #7134
* Encryption Stability and On-Disk Format FixesTom Caputi2018-02-021-0/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The on-disk format for encrypted datasets protects not only the encrypted and authenticated blocks themselves, but also the order and interpretation of these blocks. In order to make this work while maintaining the ability to do raw sends, the indirect bps maintain a secure checksum of all the MACs in the block below it along with a few other fields that determine how the data is interpreted. Unfortunately, the current on-disk format erroneously includes some fields which are not portable and thus cannot support raw sends. It is not possible to easily work around this issue due to a separate and much smaller bug which causes indirect blocks for encrypted dnodes to not be compressed, which conflicts with the previous bug. In addition, the current code generates incompatible on-disk formats on big endian and little endian systems due to an issue with how block pointers are authenticated. Finally, raw send streams do not currently include dn_maxblkid when sending both the metadnode and normal dnodes which are needed in order to ensure that we are correctly maintaining the portable objset MAC. This patch zero's out the offending fields when computing the bp MAC and ensures that these MACs are always calculated in little endian order (regardless of the host system's byte order). This patch also registers an errata for the old on-disk format, which we detect by adding a "version" field to newly created DSL Crypto Keys. We allow datasets without a version (version 0) to only be mounted for read so that they can easily be migrated. We also now include dn_maxblkid in raw send streams to ensure the MAC can be maintained correctly. This patch also contains minor bug fixes and cleanups. Reviewed-by: Jorgen Lundman <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Reviewed by: Matthew Ahrens <[email protected]> Signed-off-by: Tom Caputi <[email protected]> Closes #6845 Closes #6864 Closes #7052
* Run zfs load-key if needed in dracutMatthew Thode2018-01-186-11/+90
| | | | | | | | | | | | | | | | 'zfs load-key -a' will only be called if needed. If a dataset not needed for boot does not have its key loaded (home directories for example) boot can still continue. zfs:AUTO was not working via dracut, so we still need the generator script to do its thing. Reviewed-by: Richard Yao <[email protected]> Reviewed-by: Manuel Amador (Rudd-O) <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: loli10K <[email protected]> Signed-off-by: Matthew Thode <[email protected]> Closes #6982 Closes #7004
* Honor --with-mounthelperdir where applicableLOLi2017-12-172-2/+3
| | | | | | Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Giuseppe Di Natale <[email protected]> Signed-off-by: loli10K <[email protected]> Closes #6962
* Encryption patch follow-upTom Caputi2017-10-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * PBKDF2 implementation changed to OpenSSL implementation. * HKDF implementation moved to its own file and tests added to ensure correctness. * Removed libzfs's now unnecessary dependency on libzpool and libicp. * Ztest can now create and test encrypted datasets. This is currently disabled until issue #6526 is resolved, but otherwise functions as advertised. * Several small bug fixes discovered after enabling ztest to run on encrypted datasets. * Fixed coverity defects added by the encryption patch. * Updated man pages for encrypted send / receive behavior. * Fixed a bug where encrypted datasets could receive DRR_WRITE_EMBEDDED records. * Minor code cleanups / consolidation. Signed-off-by: Tom Caputi <[email protected]>
* Fix inclusion of libgcc_s.so on Voidprivb0x232017-10-091-0/+3
| | | | | | | | | | | On Void Linux (x86_64 musl) libgcc_s.so is located in "/usr/lib" so it is not found by dracut and it produces an error. Add a simple additional path check for "/usr/lib/libgcc_s.so*" and install it in the initramfs. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: privb0x23 <[email protected]> Closes #6715
* dracut: make module-setup.sh shebang explicitFabian-Gruenbichler2017-08-142-2/+2
| | | | | | | | | | | while these are source by dracut (which is a bash script) the practical difference is small, but it is more correct: /bin/sh is not bash on all systems (e.g. Debian and its derivatives use /bin/dash as /bin/sh by default). Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Fabian Grünbichler <[email protected]> Closes #6491
* dracut: Install commands required for vdev_idKarsten Kretschmer2017-08-041-0/+2
| | | | | | | | | The vdev_id script requires awk, grep, and head. Use dracut_install to ensure that these commands are available in the initrd environment. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Karsten Kretschmer <[email protected]> Closes #6443 Closes #6452
* contrib/dracut: fix syntax error in module-setup.shAron Xu2017-01-311-1/+2
| | | | | | | | | | The dracut/02zfsexpandknowledge/module-setup.sh.in has a syntax error which makes the script unusable by a POSIX compliant shell like Dash on Debian based systems. Reviewed-by: Giuseppe Di Natale <[email protected]> Reviewed-by: George Melikov <[email protected]> Signed-off-by: Aron Xu <[email protected]> Closes #5712
* Update .gitignoreBrian Behlendorf2016-10-191-0/+1
| | | | | | | Two additional files were recently introduced and should be ignored by git. Signed-off-by: Brian Behlendorf <[email protected]> Closes #5299
* Properly use the Dracut cleanup hook to order pool shutdownRudd-O2016-10-174-2/+13
| | | | | | | | | | | | | | | | | | When Dracut starts up, it needs to determine whether a pool will remain "hanging open" before the system shuts off. In such a case, then the code to clean up the pool (using the previous export -F work) must be invoked. Since Dracut has had a recent change that makes mount-zfs.sh simply not run when the root dataset is already mounted, we must use the cleanup hook to order Dracut to do shutdown cleanup. Important note: this code will not accomplish its stated goal until this bug is fixed: https://bugzilla.redhat.com/show_bug.cgi?id=1385432 That bug impacts more than just ZFS. It impacts LUKS, dmraid, and unmount during poweroff. It is a Fedora-wide bug. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Manuel Amador (Rudd-O) <[email protected]> Closes #5287
* Use -F to export pools so as not to dirty up device labelsRudd-O2016-10-154-10/+11
| | | | | | Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Manuel Amador (Rudd-O) <[email protected]> Closes #5228 Closes #5238
* Use a different technique to detect whether to mount-zfsRudd-O2016-10-062-19/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The behavior of the Dracut module was very wrong before. The correct behavior: initramfs should not run `zfs-mount` to completion if the two generator files exist. If, however, one of them is missing, it indicates one of three cases: * The kernel command line did not specify a root ZFS file system, and another Dracut module is already handling root mount (via systemd). `mount-zfs` can run, but it will do nothing. * There is no systemd to run `sysroot.mount` to begin with. `mount-zfs` must run. * The root parameter is zfs:AUTO, which cannot be run in sysroot.mount. `mount-zfs` must run. In any of these three cases, it is safe to run `zfs-mount` to completion. `zfs-mount` must also delete itself if it determines it should not run, or else Dracut will do the insane thing of running it over and over again. Literally, the definition of insanity, doing the same thing that did not work before, expecting different results. Doing that may have had a great result before, when we had a race between devices appearing and pools being mounted, and `mount-zfs` was tasked with the full responsibility of importing the needed pool, but nowadays it is wrong behavior and should be suppressed. I deduced that self-deletion was the correct thing to do by looking at other Dracut code, because (as we all are very fully aware of) Dracut is entirely, ahem, "implementation-defined". Tested-by: @wphilips Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Manuel Amador (Rudd-O) <[email protected]> Closes #5157 Closes #5204
* Fix regression that broke dracut initramfs generationMoritz Maxeiner2016-09-211-3/+9
| | | | | | | | | | | | | | Based upon @ryao's initial fix for 1c73494394fc9de9283b3fd4f00bcdf4bd300a7 ( 5e9843405f63fdabe76e87b92b81a127d488abc7 ) this one also uses `command -v` instead of `type`, but additionally only applies the fix to close zfsonlinux/zfs#4749 when `libgcc_s.so.1` has not been included by dracut automatically (verified by whether `zpool` links directly to `libgcc_s.so`), as well as change the fallback option to match `libgcc_s.so*`. Tested-by: Ben Jencks <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Moritz Maxeiner <[email protected]> Closes #5089 Closed #5138
* zfs dracut module should not assume systemd presenceMoritz Maxeiner2016-09-091-8/+10
| | | | | | | Signed-off-by: Moritz Maxeiner <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Closes #4749 Closes #5058
* Adapt genkernel fix for zfsonlinux/zfs#4749 to zfs dracut moduleMoritz Maxeiner2016-09-091-0/+6
| | | | | | | Signed-off-by: Moritz Maxeiner <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Closes #4749 Closes #5058
* Set proper dependency for string replacement targetsChunwei Chen2016-08-022-4/+4
| | | | | | | | | A lot of string replacement target don't have dependency or incorrect dependency. We setup proper dependency by pattern rules. Signed-off-by: Chunwei Chen <[email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #4908
* Fix the test to use the variablejyxent2016-05-131-1/+1
| | | | | Signed-off-by: Manuel Amador (Rudd-O) <[email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #4645
* A collection of dracut fixesManuel Amador (Rudd-O)2016-05-128-18/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | - In older systems without sysroot.mount, import before dracut-mount, and re-enable old dracut mount hook - rootflags MUST be present even if the administrator neglected to specify it explicitly - Check that mount.zfs exists in sbindir - Remove awk and head as (now unused) requirements, add grep, and install the right mount.zfs - Eliminate one use of grep in Dracut - Use a more accurate grepping statement to identify zfsutil in rootflags - Ensure that pooldev is nonempty - Properly handle /dev/sd* devices and more - Use new -P to get list of zpool devices - Bail out of the generator when zfs:AUTO is on the root command line - Ignore errors from systemctl trying to load sysroot.mount, we only care about the output - Determine which one is the correct initqueuedir at run time. - Add a compatibility getargbool for our detection / setup script. - Update dracut .gitignore files Signed-off-by: <Matthew Thode [email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #4558 Closes #4562
* fix booting via dracut generated initramfsMatthew Thode2016-04-256-2/+215
| | | | | | | | | | | | | | | Dracut and Systemd updated how they integrate with each other, because of this our current integrations stopped working (around the time 4.1.13 came out). This patch addresses that issue and gets us booting again. Thanks to @Rudd-O for doing the work to get dracut working again and letting me submit this on his behalf. Signed-off-by: Manuel Amador (Rudd-O) <[email protected]> Signed-off-by: Matthew Thode <[email protected]> Closes #3605 Closes #4478
* Support parallel build trees (VPATH builds)Turbo Fredriksson2015-07-171-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Build products from an out of tree build should be written relative to the build directory. Sources should be referred to by their locations in the source directory. This is accomplished by adding the 'src' and 'obj' variables for the module Makefile.am, using relative paths to reference source files, and by setting VPATH when source files are not co-located with the Makefile. This enables the following: $ mkdir build $ cd build $ ../configure \ --with-spl=$HOME/src/git/spl/ \ --with-spl-obj=$HOME/src/git/spl/build $ make -s This change also has the advantage of resolving the following warning which is generated by modern versions of automake. Makefile.am:00: warning: source file 'xxx' is in a subdirectory, Makefile.am:00: but option 'subdir-objects' is disabled Signed-off-by: Turbo Fredriksson <[email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #1082
* Move dracut directory to contribBrian Behlendorf2015-07-099-0/+520
The dracut code is analogous to the initramfs code and as such it should be located in the contrib with initramfs for consistency. Signed-off-by: Brian Behlendorf <[email protected]>